Privacy Policy (Dashboard)

1. Who we are

• Business name: Rabbit Foods (trading as Rabbit)
• Address: 7 Church Lane, Felixstowe, IP11 9DJ
• Contact: support@tryrabbit.food

We are the data controller for personal data described in this policy.

2. Personal data we collect

We may collect the following categories of personal data:

• Account and contact details: name, email address, phone number, password (stored securely), role and permissions.
• Business details: restaurant name, address, trading details, opening hours, and other configuration you provide.
• Payment and onboarding data: information required to onboard with Stripe (including identity/verification information collected by Stripe), payout status, and payment-related identifiers.
• Usage and device data: IP address, device/browser information, log data, and diagnostic data.
• Communications: support requests, emails, and any messages you send to us.

3. How we use personal data

We use personal data to:

• Provide, administer, and secure the Dashboard and Services.
• Set up and manage your restaurant account(s), locations, menus, and settings.
• Enable payments and payouts via Stripe and prevent fraud and abuse.
• Provide customer support and respond to queries.
• Monitor performance, debug issues, and improve the Services.
• Comply with legal obligations (for example, accounting and tax).

4. Legal bases (UK GDPR)

We process personal data on the following legal bases:

• Contract (to provide the Services to you and manage your account).
• Legitimate interests (to secure and improve the Services, prevent fraud, and support users).
• Legal obligation (where applicable, such as record keeping).
• Consent (where required, such as non-essential cookies and certain marketing communications).

5. Sharing personal data

We may share personal data with:

• Stripe (payment processing, payouts, fraud prevention, and identity verification where required).
• Service providers that host or support the Services (for example, hosting/database providers and email delivery providers).
• Professional advisers and authorities where required by law.

We do not sell your personal data.

6. Customer data processed through the Dashboard

When you receive orders, you may access personal data about your customers (for example, names, contact details, addresses, and order notes). You are responsible for using that data in compliance with data protection law and for providing your own privacy notices to customers where required.

We process customer data to operate the Services, including showing orders to you and facilitating payments and operational communications. Depending on the context, we may act as an independent controller and/or as a processor on your behalf. Where applicable, a data processing addendum is available on request.

7. International transfers

Some service providers may process personal data outside the UK. Where we transfer personal data internationally, we use appropriate safeguards required by UK data protection law (for example, UK adequacy regulations or standard contractual clauses with the UK addendum).

8. Retention

We keep personal data only as long as necessary for the purposes described in this policy, including to provide the Services, maintain records, resolve disputes, enforce agreements, and comply with legal obligations.

9. Your rights

Subject to UK GDPR, you may have rights to request access, correction, deletion, restriction, or portability, and to object to certain processing. You may also withdraw consent where we rely on consent.

To exercise your rights, contact support@tryrabbit.food.

You also have the right to complain to the Information Commissioner’s Office (ICO): ico.org.uk.

10. Cookies

We use cookies and similar technologies to provide the Dashboard and keep you signed in. See our Cookie Policy for details.